Despite a small decline in the total volume of ransomware attacks, assailants are increasingly leveraging the attack method as a targeted way to extort enterprises. This shift toward more selective targets is a typical trend within the Cyber Security industry. For example, at one point, mass phishing emails were all the rage. Attackers would send generic messages to hundreds or thousands of users, hoping that one naïve person would click on a link and help the attacker further their agenda.

A common discussion in the security industry is how to improve the effectiveness of detection and prevention systems. You can find tons of documentation and books about: The Defender's Dilemma, Blue Team vs Red Team, A Comprehensive Security Approach, among others. However, in any organization, it is very important to move beyond theory and implement specific solutions to detect security attacks and security threats.

Today, Sysdig is proud to announce our integration with the AWS Security Hub. AWS Security Hub consolidates alerts and findings from multiple AWS services including, Amazon GuardDuty, Amazon Inspector, as well as from AWS Partner Network (APN) security solutions, which Sysdig is already a part of. This single pane of glass gives you a comprehensive view of high-priority security alerts and compliance status across AWS accounts.

Today, we are announcing the general availability of our new module within our Global Intelligence Service with a benchmarking capability on AWS security by baselining the Amazon GuardDuty findings. If you are one of the 100,000 users of Sumo, go to your App catalog and install the Amazon GuardDuty benchmark app with one click and see your threats against the global threats that we gather from hundreds of Sumo customers.

Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General Data Protection Regulation (GDPR) in 2018, organizations that operate in the EU need to follow regulatory guidelines that can have real business implications if ignored. But when a cyber incident hits your organization, do you know if it needs to be disclosed to the public? How prepared are you to let your customers and authorities know?

In the attacker’s world, all vulnerabilities and potential exploits work toward the hacker’s advantage — not yours, not mine. This includes WordPress hacks. While living back east (over a decade ago), I was friends with several small business owners. One weekend morning, the owner of the local photography studio called me at 7 am and said: “I think I’ve been hacked.” I could hear the soft clicking of a keyboard in the background.

One of these problems is that Kubernetes has no login process. Ordinarily, the client software would initiate this login flow, but kubectl does not have this built in. Kubernetes leaves it up to you to design the login experience. In this post, I will explain the journey we took to get engineers logged in from the terminal and the challenges we faced along the way. The first step to SSO was to set up Dex as our Identity Provider.

Before beginning, you might ask yourself: Does my organization need a GRC Solution? The simple answer is yes. There are over 200 complex frameworks and workflows that simply can’t be managed by floods of repetitious spreadsheets or word documents. Let’s define “Governance Risk-Management Compliance” and how the three pillars work together in relation to an organization and its objectives. Check top 30 security frameworks – 2019.

Organizations usually focus on cyber threats which are external in origin. These include anti-malware, external firewalls, DDoS attack mitigation, external data loss prevention, and the list goes on. That's great, external cyber attacks are very common so it's vital to protect your networks from unauthorized access and malicious penetration. The internet and unauthorized physical access to your facilities will always be risks and they must be monitored and managed.

Gartner has been a thought leader in the SIEM space for the last few years. Gartner’s Magic Quadrant is considered one of the top market research reports on SIEM’s capabilities and vendors. Very recently, I attended the 2019 Gartner Security & Risk Management Conference, and based on thousands of conversations Gartner has had with their clients, they have a good vantage point on the SIEM space this year.